Generate password complexity setting #15491
Comments
|
Can't MySQL be fixed to not require special chars per se? ;) |
Do you think that lowering security level for passwords is a good way to solve the problem? :) |
|
Who's talking about lowering security levels? Each 'security level' can be reached without special characters, simply by increasing the password length. |
Personally I don't see any reasons why it can't be added. |
|
Just a note, but it might be interesting to generate a password regarding the MySQL configuration : https://dev.mysql.com/doc/refman/5.7/en/validate-password-options-variables.html#sysvar_validate_password_policy |
In the code, there is one reason:
In my opinion, this is not a good reason… |
williamdes
added
the
has-pr
…-suggested-passwords fix #15491 Generate password complexity setting
Improve complexity of generated passwords Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
|
That doesn't add a setting for password complexity, it changes it unconditionally. :( |
|
@OlafvdSpek , you're right. My first idea was to provide a quick fix to be able to generate a valid password (even if it may not always be valid). But here, at least, we can have a valid password. In another version, I would like to generate a password regarding the MySQL configuration. So I would suggest to keep this issue open if this is OK for you @williamdes @MauricioFauth . Thank you. |
williamdes
removed
the
has-pr
|
Okay |
|
Could the update be reverted until it's (fully) ready? |
|
@OlafvdSpek, sorry, but why ? Is there any issue with this patch ? Because there might be a better solution, does it mean that we shouldn't provide a temporary solution ? Thank you for your feedback. |
|
See the reason for the current solution @ #15491 (comment) |
|
Hi, I’m new here. I would love to contribute to phpMyAdmin and I think this is an issue I can work on. Can someone tell me what exactly I should implement? P.S: I’m just starting open source contribution and I might be a bit slow, but I love to learn! So. |
|
Hi, I wanted to work on it, but didn't yet find time to do it… Here is the way I expected to do it:
|
|
Sure, Will work on it. Thanks! :D |
|
For information, here is the list of variables: https://dev.mysql.com/doc/refman/5.7/en/validate-password-options-variables.html |
|
Yeah, I saw that earlier. And I did devise a solution exactly the same as yours. But I didn't know how to share those variables with JS. Since somewhat similar is already implemented, I'll look the code and make something similar. |
Can you show me the file where this is done, I'm having a hard time finding it. 😅 |
|
I was thinking about this file: https://github.com/phpmyadmin/phpmyadmin/blob/master/js/messages.php |
|
Okay Thanks, I'll look into this! 😄 |
|
Can some one help me with this? I need a way to retrieve the MySQL password policies and share them with the function. How can I do it? @williamdes @Tithugues |
williamdes
added
the
has-pr
|
Please refer to #16305 for more informations |
williamdes
removed
the
has-pr
Hello,
I always encounter problem when mysql server is set to medium password level it requires special character in passwords when creating user.
When you use generate password function it doesn't have any of special chars so you always get an error from mysql for incorrect password.
Solution was simple: add special chars to function suggestPassword in functions.js file, no commas, no dots, no quotes, just these special chars !@#$%^&*()
How about making a setting in phpmyadmin to let people choose password complexity without having to modify js files? :)
The text was updated successfully, but these errors were encountered: